Grapho-Lock: Outlook instructions

---

Instructions for Testing Digital Signatures and Encryption in Outlook 2003 to 2007 with Grapho-Lock Signing tools ©®

The security Software which allows you to create as much certificates you need to protect privacy of your email communications, you have to choose first your strategy

---

• Either you create your own private CA and users certificates from the software (the drawback is limited upfront trust acceptance , but if you can manage a safe distribution of X509 certificates to end users, you have the same security level than the other choice)
  
• Or you buy some trusted certificates from a registered Certificate authority such as Verisign, thawte, comodo,cert-europe or the like. Drawback is price related , each digital ID enclosed in a X509 certificate is bought and can lead to significative recurring cost.

Before you use your digital certificate to sign messages in Outlook, you must configure Outlook to use the digital certificate that you just installed. Because this information is stored on a per-user basis, you will need to configure each of your test user accounts.

To configure Outlook to use a digital certificate

1. Click Tools, and then click Options.
2. Click on the Security tab and click Settings.
3. Outlook populates the Change Security Settings dialog box with default information (see Figure 7.5). Click OK to accept the defaults.

   Note
   If a user has more than one digital certificate in the local computer store, you must specify which digital certificate you want Outlook to use. To specify the certificate, under Certificates and Algorithms, click both
   Choose buttons.
   You can configure each of the email accounts you use with a separate certificate to cope with each email address you are using, or you can use the same to protect any of your emails accounts.

   
   Figure 7.5 Security settings in Outlook
   
4. Click OK to close the Options dialog box.
   

   Note
   After you configure these settings, the Add digital signature to this message button and Encrypt message contents and attachments button are automatically added to the new mail message form when Word is enabled as the e-mail editor. In Outlook 2003, Microsoft Office Word 2003 is enabled as the e-mail editor by default, and these settings make these buttons visible by default. If you do not use Word as the e-mail editor, you will not see these buttons by default. To make these buttons appear, you can re-enable Word as the e-mail editor or customize the Outlook e-mail editor. For information about how to make these changes, see Outlook 2003 Help.

   Now that Outlook is configured to use the digital certificate you installed for this user, you can test sending and receiving digitally signed and encrypted messages.

To send a digitally signed message using Outlook

1. To compose a new message, click New.
2. Add a recipient for the test message and fill out the message fields.
3. Ensure that the Add digital signature to this message button is selected (see Figure 7.6). Because you want to test only digital signing, ensure that that the Encrypt message contents and attachments button is not selected.
   
   
   Figure 7.6 Digitally signed message in Outlook
   
4. Click Send.

   At this point, your digitally signed message has been sent to the recipient, who can then verify the digital signature.

To send an encrypted message using Outlook

1. To compose a new message, click New.
2. Add a recipient for the test message and fill out the message fields.
3. Ensure that the Encrypt message contents and attachments button is selected (see Figure 7.6). Because you want to test only encryption, ensure that that the Add digital signature to this message button is not selected.
   

   Important
   To successfully send an encrypted e-mail message, the recipient must already have a digital certificate. If you attempt to send an encrypted e mail message to a user who does not have a digital certificate, you will receive an error. Make sure you have followed the instructions in "Requesting Digital Certificates for Users" earlier in this chapter for all your test users before sending e-mail messages to them.

   
   Figure 7.7 Encrypted message in Outlook
   
4. Click Send.

   At this point, your encrypted message has been sent to the recipient, who can then open and read it.

To view a digitally signed message using Outlook

1. In the Inbox, locate the digitally signed test message and double-click it.
2. When the message opens, click the Verify signature button to verify the signature (see Figure 7.8).
   
   Figure 7.8 Verify signature button in Outlook
   
3. After you click the Verify signature button, the Digital Signature dialog box is displayed (see Figure 7.9), indicating that the digital signature is valid..
   Figure 7.9 Digital signature verified in Outlook
   
   At this point, you have verified the digital signature of the message.

To view an encrypted message using Outlook

1. In the Inbox, locate the encrypted test message and double-click it.
2. When the message opens, click the Verify encryption button to verify the encryption (see Figure 7.10).
   
   Figure 7.10 Verify encryption button in Outlook
   
3. After you click the Verify encryption button, the Message Security Properties dialog box is displayed (see Figure 7.11), indicating that the encrypted message is valid.
   
   Figure 7.11 Encryption verified in Outlook
   
   At this point, you have verified the encryption of the message.
   After you complete these steps, you will have tested all elements of using S/MIME in Outlook 2003. This information lets you see how an S/MIME system that uses Outlook will function for your users.